Skill v1.0.0
ClawScan security
Pilot Service Agents Gov Finance · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 28, 2026, 2:26 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is an instruction-only client for the Pilot Protocol that coherently requires the pilotctl binary and a running Pilot daemon on network 9 to discover and query gov-finance agents; it does not request unrelated credentials or perform unexpected local actions.
- Guidance: This skill is coherent and appears to do what it says, but you should: 1) only install if you trust the pilotctl binary and Pilot Protocol daemon (verify official sources), 2) be aware queries go over the Pilot overlay/network — do not send sensitive private data (SSNs, private keys, unreleased disclosures) to agents you don't control, and 3) ensure the required core skills (pilot-protocol, pilot-service-agents) are legitimate. If you want extra assurance, provide the pilotctl binary source or upstream Pilot Protocol documentation for review.
Review Dimensions
- Purpose & Capability (ok): Name/description match the runtime instructions: all commands use pilotctl to discover and query overlay agents for SEC, BLS, HTS, Dept of Ed data. Requiring pilotctl and the pilot-protocol/core skill is proportional and expected.
- Instruction Scope (ok): SKILL.md directs only pilotctl send-message and pilotctl inbox calls to remote agents and recommends reading each agent's /help contract; it does not instruct reading unrelated local files, environment variables, or exfiltrating data outside the Pilot overlay.
- Install Mechanism (ok): No install spec or code is included (instruction-only), so nothing is written to disk by the skill itself. This is the lowest-risk pattern.
- Credentials (ok): The skill declares no required environment variables or credentials. Its operational requirements (pilotctl on PATH, running daemon joined to network 9, list-agents reachable) are consistent with the described functionality.
- Persistence & Privilege (ok): always:false and no install-time privileges are requested. The skill can be invoked autonomously per platform defaults but does not request persistent/privileged presence beyond normal agent invocation.
